http://www.mricon.com/SM/guide
he has a tutorial (for both redhat, and freebsd) that details exactly howto
setup a full mail server, using virtual domains/users. step by step. should
be what is needed here. I use it personally for my servers.
Jason Reid
[EMAIL PROTECTED]
--
AC Host Canada
www.achost.ca
----- Original Message -----
From: "Richard Lynch" <[EMAIL PROTECTED]>
To: "Anan" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, July 23, 2002 8:35 PM
Subject: [PHP] Re: How to add new user to the domain
> >Any one please let me know how to use PHP to add new user to a domain for
> >using mail (sendmail).
>
> You mean like a *REAL* user with a login and everything?
>
> Yikes!
>
> DANGER, WILL ROBINSON DANGER!
>
> You *REALLY* shouldn't do this unless you *REALLY* understand Un*x
> permissions and system security. HIGHLY DANGEROUS.
>
> 1st. Draw up a security diagram of *WHO* can access this page and *HOW*
they
> can access it and make damn sure *NOBODY* you don't trust can't access it.
> You'll want this happening over SSL (HTTPS) so your communication is
secure.
>
> 2nd. You'll have to muck with the /etc/passwd and shadow password files
> directly, almost for sure. The password routines for "user_add" and so on
> require a TTY connection (IE, a "real" login) and PHP ain't got one.
>
> 3rd. You'll need to have sudo scripts running to do 2. Or, *MAYBE* a PHP
> CGI running via suExec as "root" and all the scripts are root-owned and
not
> world-readable, much less world-writable nor world-executable, but *NOT*
> *NOT* *NOT* if *OTHER* people can use the same web-server and upload their
> *OWN* PHP scripts that will get executed as 'root' Bad Idea.
>
> 4th. Make sure those sudo scripts can *ONLY* be run by people you trust.
>
> You *MIGHT* be able to more easily allow sendmail to send emails or create
> some kind of "virtual" user that doesn't have an actual login, even though
> they have a directory for their mailbox, and then give them a
web-interface
> to read that email or something. This would be infinitely more secure, if
> it's possible.
>
> Letting PHP create shell logins is just plain DANGEROUS.
>
> Did I mention it was DANGEROUS? It is.
>
> >And also any funtions to check the availibility of a
> >domain name.
>
> Search code archives for "whois" or try this out:
> <?php
> exec("/usr/bin/whois $domainname", $results, $error);
> echo implode("<BR>\n", $results);
> if ($error){
> echo "OS Error $error. Usually path/permissions. Read 'man errno' to
> be sure.<BR>";
> }
> ?>
>
> --
> Like Music? http://l-i-e.com/artists.htm
> I'm looking for a PRO QUALITY two-input sound card supported by Linux (any
> major distro). Need to record live events (mixed already) to stereo
> CD-quality. Soundcard Recommendations?
> Software to handle the recording? Don't need fancy mixer stuff. Zero (0)
> post-production time. Just raw PCM/WAV/AIFF 16+ bit, 44.1KHz, Stereo
> audio-to-disk.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
